feat: Implement complete Zero OS Alpine Initramfs Builder

- Complete bash framework with strict error handling
- Modular library system (docker, alpine, components, initramfs, kernel, testing)
- Rust component integration (zinit, rfs, mycelium) with musl targeting
- Rootless Docker/Podman support for GitHub Actions
- Centralized configuration in config/build.conf
- 2-stage module loading system
- Strip + UPX optimization for minimal size
- Complete zinit integration replacing OpenRC
- GitHub Actions CI/CD pipeline
- Comprehensive documentation and usage guides

Components:
- Latest stable kernel 6.12.44
- Alpine Linux 3.22 base
- ThreeFold components: zinit, mycelium, rfs, corex
- Target: ~8-12MB final initramfs.cpio.xz

config/build.conf

@@ -0,0 +1,46 @@
+# Zero OS Alpine Initramfs Builder Configuration
+# This file contains all build-time configuration parameters
+
+# System versions
+ALPINE_VERSION="3.22"
+KERNEL_VERSION="6.12.44"
+
+# Rust configuration
+RUST_TARGET="x86_64-unknown-linux-musl"
+
+# Build optimization
+OPTIMIZATION_LEVEL="max"
+
+# Container configuration
+CONTAINER_RUNTIME="auto"
+BUILDER_IMAGE="zero-os-builder:latest"
+
+# Compression settings
+INITRAMFS_COMPRESSION="xz"
+XZ_COMPRESSION_LEVEL="9"
+
+# Testing configuration
+QEMU_MEMORY="512M"
+QEMU_TIMEOUT="60"
+CLOUD_HYPERVISOR_MEMORY="512M"
+
+# Build directories (relative to project root)
+INSTALL_DIR="initramfs"
+COMPONENTS_DIR="components"
+KERNEL_DIR="kernel"
+DIST_DIR="dist"
+
+# Mirror configurations
+ALPINE_MIRROR="https://dl-cdn.alpinelinux.org/alpine"
+KERNEL_SOURCE_URL="https://cdn.kernel.org/pub/linux/kernel"
+
+# Feature flags
+ENABLE_STRIP="true"
+ENABLE_UPX="true"
+ENABLE_AGGRESSIVE_CLEANUP="true"
+ENABLE_2STAGE_MODULES="true"
+
+# Debug and development
+DEBUG_DEFAULT="0"
+KEEP_BUILD_ARTIFACTS="false"
+PARALLEL_JOBS="auto"

config/modules.conf

@@ -0,0 +1,52 @@
+# 2-stage module loading specification for Zero-OS Alpine initramfs
+# Based on existing configs/modules-essential.list
+# Format: STAGE:MODULE_NAME:FIRMWARE_FILES (optional)
+
+# Stage 1: Critical boot modules (loaded early for basic functionality)
+stage1:virtio_net
+stage1:virtio_scsi
+stage1:virtio_blk
+stage1:virtio_pci
+stage1:e1000
+stage1:e1000e
+stage1:scsi_mod
+stage1:sd_mod
+stage1:ahci
+stage1:nvme
+
+# Stage 2: Extended hardware support (loaded after initial boot)
+stage2:igb
+stage2:ixgbe
+stage2:i40e
+stage2:ice
+stage2:r8169
+stage2:8139too
+stage2:8139cp
+stage2:bnx2
+stage2:bnx2x
+stage2:tg3
+stage2:b44
+stage2:atl1
+stage2:atl1e
+stage2:atl1c
+stage2:alx
+
+# Tunnel and container support
+stage2:tun
+stage2:overlay
+
+# Control Groups (cgroups) - essential for container management
+stage2:cgroup_pids
+stage2:cgroup_freezer
+stage2:cgroup_perf_event
+stage2:cgroup_device
+stage2:cgroup_cpuset
+stage2:cgroup_bpf
+stage2:memcg
+stage2:blkio_cgroup
+stage2:cpu_cgroup
+stage2:cpuacct
+stage2:hugetlb_cgroup
+stage2:net_cls_cgroup
+stage2:net_prio_cgroup
+stage2:devices_cgroup

config/packages.list

@@ -0,0 +1,46 @@
+# Alpine packages for Zero-OS embedded initramfs
+# Based on existing configs/packages-minimal.txt
+# Target: ~50MB total (not 700MB!)
+
+# Core system (essential only)
+alpine-baselayout
+busybox
+musl
+
+# Module loading & hardware detection
+eudev
+eudev-hwids
+eudev-libs
+eudev-netifnames
+kmod
+
+# Console/terminal management
+util-linux
+
+# Essential networking (for Zero-OS connectivity)
+iproute2
+ethtool
+
+# Filesystem support (minimal)
+btrfs-progs
+dosfstools
+
+# Essential libraries only
+zlib
+
+# Network utilities (minimal)
+dhcpcd
+tcpdump
+bmon
+
+# Random number generation (for crypto/security)
+haveged
+
+# SSH access and terminal multiplexer
+openssh-server
+zellij
+
+# Essential debugging and monitoring tools included
+# NO development tools, NO curl/wget, NO python, NO redis
+# NO massive linux-firmware package
+# Other tools will be loaded from RFS after network connectivity

config/sources.conf

@@ -0,0 +1,10 @@
+# sources.conf - Components to download and build for initramfs
+# Format: TYPE:NAME:URL:VERSION:BUILD_FUNCTION[:EXTRA_OPTIONS]
+
+# Git repositories to clone and build
+git:zinit:https://github.com/threefoldtech/zinit:master:build_zinit
+git:mycelium:https://github.com/threefoldtech/mycelium:0.6.1:build_mycelium
+git:rfs:https://github.com/threefoldtech/rfs:development:build_rfs
+
+# Pre-built releases to download
+release:corex:https://github.com/threefoldtech/corex/releases/download/2.1.4/corex-2.1.4-amd64-linux-static:2.1.4:install_corex:rename=corex

config/zinit/cgroup.yaml

@@ -0,0 +1,2 @@
+exec: sh /etc/zinit/init/cgroup.sh
+oneshot: true

config/zinit/console.yaml

@@ -0,0 +1,2 @@
+exec: /sbin/getty -L 9600 console
+restart: always

config/zinit/depmod.yaml

@@ -0,0 +1 @@
+exec: depmod -a

config/zinit/getty.yaml

@@ -0,0 +1,2 @@
+exec: /sbin/getty -L 115200 ttyS0 vt100
+restart: always

config/zinit/gettyconsole.yaml

@@ -0,0 +1,2 @@
+exec: /sbin/getty console linux
+restart: always

config/zinit/haveged.yaml

@@ -0,0 +1,2 @@
+exec: haveged -w 1024 -d 32 -i 32 -v 1
+oneshot: true

config/zinit/init/ashloging.sh

@@ -0,0 +1,6 @@
+#!/bin/bash
+
+echo "start ash terminal"
+while true; do
+    getty -l /bin/ash -n 19200 tty2
+done

config/zinit/init/cgroup.sh

@@ -0,0 +1,10 @@
+set -x
+
+mount -t tmpfs cgroup_root /sys/fs/cgroup
+
+subsys="pids cpuset cpu cpuacct blkio memory devices freezer net_cls perf_event net_prio hugetlb"
+
+for sys in $subsys; do
+    mkdir -p /sys/fs/cgroup/$sys
+    mount -t cgroup $sys -o $sys /sys/fs/cgroup/$sys/
+done

config/zinit/init/modprobe.sh

@@ -0,0 +1,10 @@
+#!/bin/bash
+
+modprobe fuse
+modprobe btrfs
+modprobe tun
+modprobe br_netfilter
+
+echo never > /sys/kernel/mm/transparent_hugepage/enabled
+
+ulimit -n 524288

config/zinit/init/ntpd.sh

@@ -0,0 +1,10 @@
+#!/bin/sh
+
+ntp_flags=$(grep -o 'ntp=.*' /proc/cmdline | sed 's/^ntp=//')
+
+params=""
+if [ -n "$ntp_flags" ]; then
+  params=$(echo "-p $ntp_flags" | sed s/,/' -p '/g)
+fi
+
+exec ntpd -n $params

config/zinit/init/routing.sh

@@ -0,0 +1,4 @@
+#!/bin/bash
+
+echo "Enable ip forwarding"
+echo 1 > /proc/sys/net/ipv4/ip_forward

config/zinit/init/shm.sh

@@ -0,0 +1,3 @@
+#!/bin/sh
+mkdir /dev/shm
+mount -t tmpfs shm /dev/shm 

config/zinit/init/sshd-setup.sh

@@ -0,0 +1,15 @@
+#!/bin/ash
+if [ -f /etc/ssh/ssh_host_rsa_key ]; then
+    # ensure existing file permissions
+    chown root:root /etc/ssh/ssh_host_*
+    chmod 600 /etc/ssh/ssh_host_*
+    exit 0
+fi
+
+echo "Setting up sshd"
+mkdir -p /run/sshd
+
+ssh-keygen -f /etc/ssh/ssh_host_rsa_key -N '' -t rsa
+ssh-keygen -f /etc/ssh/ssh_host_dsa_key -N '' -t dsa
+ssh-keygen -f /etc/ssh/ssh_host_ecdsa_key -N '' -t ecdsa -b 521
+ssh-keygen -f /etc/ssh/ssh_host_ed25519_key -N '' -t ed25519

config/zinit/init/udev.sh

@@ -0,0 +1,4 @@
+#!/bin/sh
+
+udevadm trigger --action=add
+udevadm settle

config/zinit/lo.yaml

@@ -0,0 +1,2 @@
+exec: ip l set lo up
+oneshot: true

config/zinit/local-modprobe.yaml

@@ -0,0 +1,2 @@
+exec: sh /etc/zinit/init/modprobe.sh
+oneshot: true

config/zinit/mycelium.yaml

@@ -0,0 +1,6 @@
+exec: /usr/bin/mycelium --key-file /tmp/mycelium_priv_key.bin
+  --tun-name my0 --silent --peers tcp://188.40.132.242:9651 tcp://136.243.47.186:9651
+  tcp://185.69.166.7:9651 tcp://185.69.166.8:9651 tcp://65.21.231.58:9651 tcp://65.109.18.113:9651
+  tcp://209.159.146.190:9651 tcp://5.78.122.16:9651 tcp://5.223.43.251:9651 tcp://142.93.217.194:9651
+after:
+  - network

config/zinit/network.yaml

@@ -0,0 +1,5 @@
+exec: dhcpcd eth0
+after:
+  - depmod
+  - udevd
+  - udev-trigger

config/zinit/ntp.yaml

@@ -0,0 +1,3 @@
+exec: sh /etc/zinit/init/ntpd.sh
+after:
+  - network

config/zinit/routing.yaml

@@ -0,0 +1,2 @@
+exec: sh /etc/zinit/init/routing.sh
+oneshot: true

config/zinit/shm.yaml

@@ -0,0 +1,2 @@
+exec: /etc/zinit/init/shm.sh
+oneshot: true

config/zinit/sshd-setup.yaml

@@ -0,0 +1,2 @@
+exec: sh /etc/zinit/init/sshd-setup.sh
+oneshot: true

config/zinit/sshd.yaml

@@ -0,0 +1,3 @@
+exec: /usr/sbin/sshd -D -e
+after:
+    - sshd-setup

config/zinit/stage1-modules.yaml

@@ -0,0 +1,5 @@
+exec: sh /etc/zinit/init/stage1-modules.sh
+oneshot: true
+after:
+  - udevd
+test: /etc/zinit/init/stage1-modules.sh

config/zinit/stage2-modules.yaml

@@ -0,0 +1,6 @@
+exec: sh /etc/zinit/init/stage2-modules.sh
+oneshot: true
+after:
+  - stage1-modules
+  - network
+test: /etc/zinit/init/stage2-modules.sh

config/zinit/udev-trigger.yaml

@@ -0,0 +1,6 @@
+exec: sh /etc/zinit/init/udev.sh
+oneshot: true
+after:
+  - depmod
+  - udevmon
+  - udevd

config/zinit/udevd.yaml

@@ -0,0 +1 @@
+exec: udevd

config/zinit/udevmon.yaml

@@ -0,0 +1 @@
+exec: udevadm monitor

config/zinit/zinit.conf

@@ -0,0 +1,33 @@
+# Main zinit configuration for Zero OS Alpine
+# This replaces OpenRC completely
+
+# Logging configuration
+log_level: debug
+log_file: /var/log/zinit/zinit.log
+
+# Initialization phases
+init:
+  # Phase 1: Critical system setup
+  - stage1-modules
+  - udevd
+  - depmod
+  
+  # Phase 2: Extended hardware and networking
+  - stage2-modules
+  - network
+  - lo
+  
+  # Phase 3: System services
+  - routing
+  - ntp
+  - haveged
+  
+  # Phase 4: User services
+  - sshd-setup
+  - sshd
+  - getty
+  - console
+  - gettyconsole
+
+# Service dependencies and ordering managed by individual service files
+# All services are defined in the services/ subdirectory